The French Data Protection Authority (CNIL) has published a “Referential” specifying a set of requirements to be followed by organisations with a data protection officer in order to obtain a data privacy seal for governance procedures. The requirements include the following categories: internal organisation related to data protection; method of verifying that data processing operations comply with  data protection law; and assessment of the management of data subjects’ complaints and data incidents. The CNIL have stated that the requirements aim to ensure that organisations will be prepared for the obligations that are likely to be introduced by the proposed EU General Data Protection Regulation.

Referential (in French)